Security Access Manager Security Vulnerabilities and Issues — Security Access Manager CVE List

Lucene search

IbmSecurity Access Manager

4 matches found

CVE•added 2019/06/25 4:15 p.m.•136 views

CVE-2019-4135

IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331.

8.8CVSS8.4AI score0.0063EPSS

CVE•added 2018/10/22 1:0 p.m.•49 views

CVE-2018-1850

IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998.

8.8CVSS8AI score0.00535EPSS

CVE•added 2016/11/25 3:59 a.m.•41 views

CVE-2016-3025

IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

8.1CVSS7.7AI score0.00536EPSS

CVE•added 2017/11/13 11:29 p.m.•39 views

CVE-2017-1477

IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128612.

8.1CVSS7.8AI score0.00583EPSS